Preface


Depending on your organization’s security policies, you might require to identify and authorize users before giving them access to resources, such as Red Hat Developer Hub.

In Developer Hub, authentication and authorization are two separate processes:

  1. Authentication defines the user identity, and passes on this information to Developer Hub. Read the following chapters to configure authentication in Developer Hub.
  2. Authorization defines what the authenticated identity can access or do in Developer Hub. See Authorization.
Not recommended for production

To explore Developer Hub features, you can enable the guest user to skip configuring authentication and authorization, log in as the guest user, and access all the features.

The authentication system in Developer Hub is handled by external authentication providers.

Developer Hub supports following authentication providers:

  • Red Hat Single-Sign On (RHSSO)
  • GitHub
  • Microsoft Azure

To identify users in Developer Hub, configure:

  • One (and only one) authentication provider for sign-in and identification.
  • Optionally, additional authentication providers for identification, to add more information to the user identity, or enable access to additional external resources.

For each authentication provider, set up the shared secret that the authentication provider and Developer Hub require to communicate, first in the authentication provider, then in Developer Hub.

Developer Hub stores user identity information in the Developer Hub software catalog.

Not recommended for production

To explore the authentication system and use Developer Hub without authorization policies, you can bypass the Developer Hub software catalog and start using Developer Hub without provisioning the Developer Hub software catalog.

To get, store, and update additional user information, such as group or team ownership, with the intention to use this data to define authorization policies, provision users and groups in the Developer Hub software catalog.

Important

Developer Hub uses a one-way synchronization system to provision users and groups from your authentication system to the Developer Hub software catalog. Therefore, deleting users and groups by using Developer Hub Web UI or REST API might have unintended consequences.

Red Hat logoGithubRedditYoutubeTwitter

Learn

Try, buy, & sell

Communities

About Red Hat Documentation

We help Red Hat users innovate and achieve their goals with our products and services with content they can trust.

Making open source more inclusive

Red Hat is committed to replacing problematic language in our code, documentation, and web properties. For more details, see the Red Hat Blog.

About Red Hat

We deliver hardened solutions that make it easier for enterprises to work across platforms and environments, from the core datacenter to the network edge.

© 2024 Red Hat, Inc.